Using OWASP ModSecurity Core Rule Set ver.3.0.2 on cPanel v66.0.23; CentOS 7.3.
I'm getting false positives on 920440 when hitting certain Mailman (v. 2.1.23) user options pages -- specifically ones ending in ".com" -- which is a lot of them, because Mailman includes the user's email address in the URL for the options pages.

What's the best way to deal with this without disabling the rule completely? Is there already a fix? If so, I couldn't find it.

Sanitized example: (Now posted at https://pastebin.com/MFyyVNZk because Barracuda won't let it onto the list.)
_______________________________________________
Owasp-modsecurity-core-rule-set mailing list
Owasp-modsecurity-core-rule-set@lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-modsecurity-core-rule-set